fix use of struct TALER_WithdrawRequestPS

2015-03-28 16:51:54 +01:00 · 2015-03-28 16:51:54 +01:00 · d61dbb3109
commit d61dbb3109
parent 15196c9bd4
3 changed files with 81 additions and 36 deletions
--- a/src/include/taler_mintdb_plugin.h
+++ b/src/include/taler_mintdb_plugin.h
@ -87,12 +87,32 @@ struct TALER_MINTDB_CollectableBlindcoin

  /**
   * Denomination key (which coin was generated).
-   * FIXME: we should probably instead have the
-   * AMOUNT *including* fee in what is being signed
-   * as well!
   */
  struct TALER_DenominationPublicKey denom_pub;

+  /**
+   * Value of the coin being minted (matching the denomination key)
+   * plus the transaction fee.  We include this in what is being
+   * signed so that we can verify a reserve's remaining total balance
+   * without needing to access the respective denomination key
+   * information each time.
+   */
+  struct TALER_Amount amount_with_fee;
+
+  /**
+   * Withdrawl fee charged by the mint.  This must match the Mint's
+   * denomination key's withdrawl fee.  If the client puts in an
+   * invalid withdrawl fee (too high or too low) that does not match
+   * the Mint's denomination key, the withdraw operation is invalid
+   * and will be rejected by the mint.  The @e amount_with_fee minus
+   * the @e withdraw_fee is must match the value of the generated
+   * coin.  We include this in what is being signed so that we can
+   * verify a mint's accounting without needing to access the
+   * respective denomination key information each time.
+   */
+  struct TALER_Amount withdraw_fee;
+
+
  /**
   * Public key of the reserve that was drained.
   */
--- a/src/mint/taler-mint-httpd_responses.c
+++ b/src/mint/taler-mint-httpd_responses.c
@ -501,6 +501,10 @@ compile_reserve_history (const struct TALER_MINTDB_ReserveHistory *rh,
      wr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
      wr.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS));
      wr.reserve_pub = pos->details.withdraw->reserve_pub;
+      TALER_amount_hton (&wr.amount_with_fee,
+                         &pos->details.withdraw->amount_with_fee);
+      TALER_amount_hton (&wr.withdraw_fee,
+                         &pos->details.withdraw->withdraw_fee);
      GNUNET_CRYPTO_rsa_public_key_hash (pos->details.withdraw->denom_pub.rsa_public_key,
                                         &wr.h_denomination_pub);
      wr.h_coin_envelope = pos->details.withdraw->h_coin_envelope;
--- a/src/mint/taler-mint-httpd_withdraw.c
+++ b/src/mint/taler-mint-httpd_withdraw.c
@ -95,7 +95,12 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
  size_t denomination_pub_data_size;
  char *blinded_msg;
  size_t blinded_msg_len;
+  struct TALER_Amount amount;
+  struct TALER_Amount amount_with_fee;
+  struct TALER_Amount fee_withdraw;
  struct TALER_ReserveSignatureP signature;
+  struct TALER_MINTDB_DenominationKeyIssueInformation *dki;
+  struct TMH_KS_StateHandle *ks;

  res = TMH_PARSE_mhd_request_arg_data (connection,
                                        "reserve_pub",
@ -135,7 +140,25 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
    GNUNET_free (denomination_pub_data);
    return MHD_YES; /* invalid request */
  }
-
+  denomination_pub.rsa_public_key
+    = GNUNET_CRYPTO_rsa_public_key_decode (denomination_pub_data,
+                                           denomination_pub_data_size);
+  ks = TMH_KS_acquire ();
+  dki = TMH_KS_denomination_key_lookup (ks,
+                                        &denomination_pub);
+  TALER_amount_ntoh (&amount,
+                     &dki->issue.value);
+  TALER_amount_ntoh (&fee_withdraw,
+                     &dki->issue.fee_withdraw);
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_add (&amount_with_fee,
+                                   &amount,
+                                   &fee_withdraw));
+  TALER_amount_hton (&wsrd.amount_with_fee,
+                     &amount_with_fee);
+  TALER_amount_hton (&wsrd.withdraw_fee,
+                     &fee_withdraw);
+  TMH_KS_release (ks);
  /* verify signature! */
  wsrd.purpose.size = htonl (sizeof (struct TALER_WithdrawRequestPS));
  wsrd.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_RESERVE_WITHDRAW);
@ -154,12 +177,10 @@ TMH_WITHDRAW_handler_withdraw_sign (struct TMH_RequestHandler *rh,
    TALER_LOG_WARNING ("Client supplied invalid signature for /withdraw/sign request\n");
    GNUNET_free (denomination_pub_data);
    GNUNET_free (blinded_msg);
+    GNUNET_CRYPTO_rsa_public_key_free (denomination_pub.rsa_public_key);
    return TMH_RESPONSE_reply_arg_invalid (connection,
                                         "reserve_sig");
  }
-  denomination_pub.rsa_public_key
-    = GNUNET_CRYPTO_rsa_public_key_decode (denomination_pub_data,
-                                           denomination_pub_data_size);
  GNUNET_free (denomination_pub_data);
  if (NULL == denomination_pub.rsa_public_key)
  {